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EXAMINER'S ANSWER 



This is in response to the appeal brief filed March 29, 2006 appealing from the Office 
action mailed September 20, 2005. 



Application/Control Number: 10/063,402 Page 2 

Art Unit: 2145 

(2) Related Appeals and Interferences 

The examiner is not aware of any related appeals, interferences, or judicial 
proceedings which will directly affect or be directly affected by or have a bearing on the 
Board's decision in the pending appeal. 

(3) Status of Claims 

The statement of the status of claims contained in the brief is correct. 

(4) Status of Amendments After Final 

The appellant's statement of the status of amendments after final rejection 
contained in the brief Is correct. 

(5) Summary of Claimed Subject Matter 

The summary of claimed subject matter contained in the brief is correct. 

(6) Grounds of Rejection to be Reviewed on Appeal 
GROUNDS OF REJECTION NOT ON REVIEW 

The following grounds of rejection have not been withdrawn by the examiner, but 
they are not under review on appeal because they have not been presented for review 
in the appellant's brief. Claims 14 is rejected under 35 U.S.C. 103(a) as being 
unpatentable over Batten-Carew et al. 

(7) Claims Appendix 

The copy of the appealed claims contained in the Appendix to the brief is correct. 

(8) Evidence Relied Upon 

No evidence is relied upon by the examiner in the rejection of the claims under 
appeal. 
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(9) Grounds of Rejection 

The following ground(s) of rejection are applicable to the appealed claims: 



Claim Rejections - 35 USC § 102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form 
the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of 
this subsection of an application filed in the United States only if the international application designated the 
United States and was published under Article 21(2) of such treaty in the English language. 

Claims 5-7, 9-13, 15, 17-20, and 23 rejected under 35 U.S.C. 102(b) as being 
anticipated by Batten-Carew et al. (U.S. Patent 5,968,177). 



For claim 5, Batten-Carew teaches, a method for autonomic administration isolation for 
a secure remote management in a computer network, the method comprising: 
(a) isolating administrative access to a plurality of client systems in a 
computer network via a data center; (Batten-Carew , figure 1 , for example the 
administrator 18 is separated by serving entity 12 from end-users 36, 38 40, Col. 6 lines 
9-22) 

and (b) utilizing the data center to control remote initiation of services in the 
plurality of client systems by an administrator system, the administrator system being a 
computer through which an administrator manages at least one of the plurality of clients 
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systems, wherein utilizing the data center further includes; (Batten-Carew , figure 1, Col. 
6 lines 9-22) 

(b1) verifying authentication of the administrator system by the data center. 
(Batten-Carew , Col. 4 lines 32-44, Col. 6 lines 42-52, Col. 7 line 65 to Col. 8 line 14) 

(b2) receiving a service command from the authenticated administrator system in 
the data center. (Batten-Carew , Col. 4 lines 32-44, Col. 6 lines 9-22, 1. 6 lines 42-52, 
Col. 7 line 65 to Col. 8 line 14) 

(b3) detennining in the data center whether the authenticated administrator 
system has authorization to perfomri the service command in the at least one managed 
client system. (Batten-Carew , Col. 3 lines 41-61, Col. 4 lines 12-21, Col. 4 lines 32-44, 
Col. 4 lines 45-57, Col. 7 line 65 to Col. 8 line 14) 

(b4) issuing a trusted message from the data center to the at least one managed 
client system when the authenticated administrator system does have authorization to 
perfomi the service command. (Batten-Carew , Col. 3 lines 41-61, Col. 4 lines 9-21, Col. 
4 lines 32-44, Col. 4 lines 45-67, Col. 5 lines 4-1 1 , Col. 7 line 65 to Col. 8 line 14, Col. 6 
lines 9-22) 

For claim 6, Batten-Carew teaches, the method of claim 5 further comprising (c) 
validating and decrypting the trusted message in the at least one managed client 
system to perform the service command. (Batten-Carew , Col. 4 lines 45-57, Col. 6 lines 
9-22, Col. 7 lines 30-34, Col. 7 lines 35-48, Col. 7 line 65 to Col. 8 line 14) 
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For claim 7, Batten-Carew teaches, an autonomic system for selective administration 
isolation for secure remote management in a computer network, the system comprising: 

a network; (Batten-Carew , Col. 3 lines 20-26, Col. 5 lines 24-34) 

at least one administrator system coupled to the network, the at least one 
administrator system operable to transmit one or more service commands for managing 
one or more client systems; (Batten-Carew , CoL 6 lines 9-22) 

at least one client system coupled to the network; (Batten-Carew , Col. 3 lines 
20-26. Col. 5 lines 24-34) 

and a data center coupled ot the at least one administrator system and to the at 
least one client system via the network, the data center for: 

isolating administrative access to the at least one client system and controlling 
remote initiation of services in the at least one client system by the at least one 
administrator system including. (Batten-Carew , figure 1 , for example the administrator 
18 is separated by serving entity 12 from end-users 36, 38 40, Col. 6 lines 9-22, Col. 4 
lines 45-57, Col. 7 lines 30-34, Col. 7 lines 35-48, Col. 7 line 65 to Col. 8 line 14) 

For claim 9, Batten-Carew teaches, the system of claim 7 wherein the data center 
verifies authentication of the at least one administrator system. (Batten-Carew , Col. 3 
lines 41-61, Col. 4 lines 12-21, Col. 4 lines 32-44, Col. 4 lines 45-57, Col. 7 line 65 to 
Col. 8 line 14) 
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For claim 10, Batten-Carew teaclies, the system of claim 7 wherein the authentication 
of a second user associated with the data center includes a user ID and password 
known only to the data center includes a user ID and password known only to the data 
center and an agent running on the at least one client system, (see Batten-Carew, Col. 

6 lines 9-22, Col. 3 lines 41-61, Col. 4 lines 12-21, Col. 4 lines 32-44, Col. 4 lines 45-57, 
Col. 7 line 65 to Col. 8 line 14) 

For claim 11, Batten-Carew teaches, the system of claim 9 wherein the data center 
determines whether the authenticated administrator system had authorization to 
perform the service command in the at least one client system prior to issuing the 
trusted message to the at least one client system, (see Battent-Carew, Col. 4 lines 45- 
57, Col. 7 lines 30-34, Col. 7 lines 35-48, Col. 7 line 65 to Col. 8 line 14) 

For claim 12, Batten-Carew teaches, the system of claim 1 1 wherein the data center 
issues a trusted message to the at least one client system when the authenticated 
administrator system does have authorization to perform the service command. (Batten- 
Carew , Col. 3 lines 41-61, Col. 4 lines 12-21, Col. 4 lines 32-44, Col. 4 lines 45-57, Col. 

7 line 65 to Col. 8 line 14) 
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For claim 13, Batten-Carew teaches, the system of claim 12 wherein the at least one 
client system validates and decrypts the trusted message to perform the service 
command. (Batten-Carew , Col. 4 lines 45-57, Col. 7 lines 30-34, Col. 7 lines 35-48, 
Col. 7 line 65 to Col. 8 line 14) 

For claim 19, Batten-Carew teaches, a computer readable medium containing program 
instruction for autonomic administration isolation in a computer network for a secure 
remote management, the program instruction for: 

(a) isolating administrative access to plurality of client systems in a computer 
network via a data center; (Batten-Carew , figure 1 , for example the administrator 18 is 
separated by serving entity 12 from end-users 36, 38 40, Col. 6 lines 9-22, Col. 4 lines 
45-57, Col. 7 lines 30-34, Col. 7 lines 35-48, Col. 7 line 66 to Col. 8 line 14) 

and (b) controlling remote initiation of services in the plurality of client system by 
an administrator system via the data center, the administrator system being a computer 
through which an administrator manages at least one of the plurality of client systems, 
wherein controlling remote initiation of services via the data center includes; (Batten- 
Carew , Col. 6 lines 9-22, Col. 3 lines 41-61 , Col. 4 lines 12-21 , Col. 4 lines 32-44, Col. 
4 lines 45-57, Col. 7 line 65 to Col. 8 line 14) 

(b1 ) verifying authentication of the administrator system by the data center. 
(Batten-Carew , Col. 4 lines 32-44, Col. 6 lines 42-52. Col. 7 line 65 to Col. 8 line 14) 
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(b2) receiving a service command from thie authenticated administrator system in 
the data center. (Batten-Carew , Col. 3 lines 41-61, Col. 4 lines 12-21, Col. 4 lines 32- 
44. Col. 4 lines 45-57, Col. 7 line 65 to Col. 8 line 14, Col. 4 lines 32-44, Col. 6 lines 42- 
52) 

(b3) detennining the data center whether the authenticated administrator system 
has authorization perform the service command in the at least one managed client 
system. (Batten-Carew , Col. 4 lines 32-44, Col. 6 lines 42-52, Col. 7 line 65 to Col. 8 
line 14. Col. 3 lines 41-61, Col. 4 lines 12-21, Col. 4 lines 32-44. Col. 4 lines 45-57) 

(b4) issuing a trusted message from the data center to the at least one managed 
client system when the authenticated administrator system does have authorization to 
perform the service command. (Batten-Carew , Col. 3 lines 41-61 , Col. 4 lines 9-21, Col. 
4 lines 32-44, Col. 4 lines 45-67, Col. 5 lines 4-11, Col. 7 line 65 to Col. 8 line 14, Col. 6 
lines 9-22) 

For claim 20, Batten-Carew teaches, the computer readable medium of claim 19 further 
comprising (c) validating and decrypting the trusted message in the at least one 
managed client system to perform the service command. (Batten-Carew , Col. 6 lines 9- 
22. Col. 4 lines 45-57, Col. 7 lines 30-34, Col. 7 lines 35-48. Col. 7 line 65 to Col. 8 line 
14) 
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Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a 
person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived 
by the manner in which the invention was made. 

Claims 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over Batten- 

Carew et al. in view of Davis (U.S. Patent 6,181 ,803). 

For claim 8, Batten-Carew teaches, he system of claim 7 wherein the at least one 
administrator system includes authentication capabilities. (Batten-Carew , Col. 3 lines 
41-61, Col. 4 lines 12-21, Col. 4 lines 32-44, Col. 4 lines 45-57, Col. 7 line 65 to Col. 8 
line 14) 

Batten-Carew fails to clearly disclose, via an embedded security chip for unique system 
identification and biometric identification for unique user identification. 

Davis teaches, via an embedded security chip for unique system identification and 
biometric identification for unique user identification. (Davis, Col. 2 lines 50-57) 
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It would have been obvious to on of ordinary skill in the art at the time of the 
invention was made to combine Batten-Carew's method of remote administration via a 
server interface with Davis' method of biometric authentication in order to create a more 
secure authentication system. It is well known in the art that passwords are a weak 
means of authentication and that biometrics provides an added level of security beyond 
just normal passwords. (Davis, Col. 3 lines 35-45, Davis provided for the use of the 
authentication system with a computer) 

Claims 14 Is rejected under 35 U.S.C. 103(a) as being unpatentable over Batten- 
Carew et al. 

Batten-Carew fails to clearly disclose, the system of claim 9 wherein the network further 
comprises a world wide web network. 

It would have been obvious to on of ordinary skill in the art at the time of the 
invention was made to make use of the world wide web as a network in order to support 
easy support, inexpressive overhead cost, and remote availability, (see Batten-Carew , 
Col. 3 lines 20-26, which provide support that user computer are in remote locations) 
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(10) Response to Argument 

A) Appellant argues, claims 5-7, 9-13. and 19-20 are not properly rejected under 
35 U.S.C. 102(b) as being anticipated by Batten-Carew. Appellant summarizes claim 5 
then argues the feature "A potential advantage of such a method is that system 
administrators never have direct access to client's operating system log-ons or security 
credential." 

Examiner would like to note this feature is a befit of the claim limitation but not a 
claim limitation or an interpretation of the claim limitation therefore it is not a limiting. 
Although the claims are interpreted in light of the specification, limitations from the 
specification are not read into the claims. See In re Van Geuns, 988 F.2d 1 181, 26 
USPQ2d 1057 (Fed. Cir. 1993). 

B) Appellant argues, Batten-Carew Fails to Disclose Isolating Administrative 
Access to a Plurality of Client Systems in a Computer Network via a Data Center. 
Appellant argues "isolating administrative access to a plurality of client systems in a 
computer network via a data center" is different then that which Batten-Carew discloses. 

Examiner disagrees, appellant is incorporating intended result of the claim 
limitation, and therefore appellant is importing limitations from the specification not 
present in the claim. Batten-Carew teaches "isolating administrative access to a 
plurality of client system in a computer network via a data center" in order of Batten- 
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Carew administrator 18 in figure 1 to communicate with end-users 36, 38, 40 those 
communication must travel through the serving entity 12. Batten-Carew (Col. 4 lines 
58-67) discusses transmit an administrative 46 request to the serving entity 12. Which 
show that the administrator is isolated from end users 36,38,40. 

C) Appellant argues, Batten-Carew Fails to Disclose Issuing a Trusted Message 
from the Data Center to at least one Managed Client when the Authenticated 
Administrative Does Have Authorization to Perform the Service Command. Appellant 
argues that Batten-Carew fails to teach "issuing a trusted message from the data center 
to at least one managed client system." 

Examiner disagrees Batten-Carew (Col. 4 lines 9-12) discloses the administrative 
request were for addition of a public key pair for new end-user an the process quested 
would include the public key pair for the end-user, and the permission of the 
administration is verified in the permission matrix (Col, 5 line 4). Appellant further 
argues interpretation of "trusted message," specifically appellant suggest support for the 
interpretation that a "trusted message" is an encrypted and has an associated signature 
is found in paragraph 1 1 of the specification. Examiner review the suggested portion of 
the specification but no specific definition is provided, examiner is able to infer from the 
specification in paragraph 1 1 that a trusted message is able to singed (not required, 
since no support is give that it is or is not) and further is transmitted from a trusted third 
party. Batten-Carew discloses (Col. 4 lines 45-57) that a signature verification is 
provided with a public key to a administrative entity such that the administrator is able to 
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issue request to the serving entity on behalf to the end-users (Col. 4 lines 65-67). Also 
further Batten-Carew disclose that end-user receive a public key (Col.5 line 10-11) 
which is used to communicate with the encrypted public key message from the serving 
entity. 

D) Appellant argues, The Examiner has not met the basic criteria to establish 
anticipation. Appellant argues all features of claim 5, 7, 19 are not taught which are the 
same arguments presented in arguments A, B and C. 

Examiner has shown sufficient support and anticipation of Batten-Carew in 
response to arguments A, B and C examiner has met the criteria established for 
anticipation. 

E) Appellant argues, claim 8 is not properly rejected under 35 U.S.C. 103 (a) as 
being unpatentable over Batten-Carew in view of Davis. Appellant mealy mention the 
claim limitation. 

Examiner mentions cited portion of Davis (Davis, Col. 2 lines 50-57) as in 
combination with Batten-Carew as teaching this feature. In addition to the arguments 
addressed above In A, B and C. 
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F) Appellant argues, Davis Fails to Disclose Isolating Administrative Access to a 
Plurality of Client Systems in a Computer Network via a Data Center. Appellant does 
not argue any of the features of the dependent claim merely reviews the arguments 
discussed above. 

Examiner respectfully submits that response to arguments address above over 
come appellant's arguments in A, B and C. 

G) Appellant argues. The Examiner has not met the basic criteria required to 
establish a prima facie case of obviousness. Appellant does not argue any of the 
features of the dependent claim merely reviews the arguments discussed above. 

Examiner respectfully submits that response to arguments address above over 
come appellant's arguments in A, B and C. 

Therefore In conclusion examiner has refuted all argument presented by 
appellant. Clearly showing that Batten-Carew teaches the feature of claims 5-7, 9-13, 
19-20, Batten-Carew in view of Davis teaches claim 8 and claim 14 is obvious to one of 
ordinary skill in the art in view of Batten-Carew . 
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(11) Related Proceeding(s) Appendix 

No decision rendered by a court or the Board is identified by the examiner in the 
Related Appeals and Interferences section of this examiner's answer. 

For the above reasons, it is believed that the rejections should be sustained. 
Respectfully submitted, 
Ajay Bhatia 

Conferees: 



^ JASON CARDONE 
SUPERVISORY PATENT EXAMINER 





